On Tue, 31 May 2022 03:17:52 +0100 mick crane <mick.cr...@gmail.com> wrote:
> regarding firewall discussion I'm uncertain how firewalls are
> supposed to work.
> I think the idea is that nothing is accepted unless it is in response
> to a request.
> What's to stop some spurious instructions being sent in response to
> genuine request?
>

Nothing really, but the reply can only come from the site you made the request to. Don't connect to untrustworthy sites.

It is of course possible for a legitimate site to get hacked and some malware embedded in its pages or linked from them, but that will normally require JavaScript to run, and many people run browsers with JS disabled. It's quite rare for a professionally-run site to get defaced, as the terminology has it, but there's no way I would run a public-facing website, as I don't know enough to secure it (and I know that I don't know enough).

There are other defences: use a proxy server which blocks anything suspicious, and so on. We're into application-level firewalls here, that actually parse the returned packets, beyond the scope of iptables and the like.

Browsers usually have a number of configurations concerning third-party content, as well as plugins such as No-Script for Firefox. But a blanket ban on JS will result in many (most?) websites today not working. I despair of the 'web designers' who cannot display a single character on a user's browser without using JS.

-- 
Joe
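Added example, not part of the original message and not iptables' own code: a simplified model of the stateful filtering discussed in this thread, showing that a reply is accepted only when its addresses and ports mirror an outgoing request, and that the content of an accepted reply is never inspected. The class and function names, addresses (documentation ranges) and payloads are constructed for illustration; a real connection tracker also follows protocol state and timeouts.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Packet:
    src: str
    sport: int
    dst: str
    dport: int
    payload: bytes = b""

class StatefulFilter:
    """Toy tracker: default-deny inbound, accept only replies to our own requests."""

    def __init__(self):
        self.flows = set()  # (local ip, local port, remote ip, remote port)

    def outbound(self, pkt):
        # An outgoing request records the flow its reply must match.
        self.flows.add((pkt.src, pkt.sport, pkt.dst, pkt.dport))
        return "ACCEPT"

    def inbound(self, pkt):
        # A reply has the remote end as source, so mirror the tuple.
        key = (pkt.dst, pkt.dport, pkt.src, pkt.sport)
        # Only addresses and ports decide; pkt.payload is never examined.
        return "ACCEPT" if key in self.flows else "DROP"

def demo():
    # Constructed sample traffic using documentation address ranges.
    me, site, other = "192.0.2.10", "198.51.100.7", "203.0.113.5"
    fw = StatefulFilter()
    results = {}
    results["unsolicited"] = fw.inbound(Packet(other, 4444, me, 22))
    fw.outbound(Packet(me, 50000, site, 443, b"GET / HTTP/1.1"))
    results["reply"] = fw.inbound(Packet(site, 443, me, 50000, b"<html>ok</html>"))
    results["wrong_host"] = fw.inbound(Packet(other, 443, me, 50000))
    results["unwanted_content"] = fw.inbound(
        Packet(site, 443, me, 50000, b"<script>/* unwanted */</script>"))
    return results

if __name__ == "__main__":
    for name, verdict in demo().items():
        print(f"{name:18} {verdict}")
```

The last case is accepted because the packet filter matches only the flow; examining what the reply contains is the job of the proxy or browser controls mentioned above.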